We have finally completed the Spanish translation of the Spybot user interface and it will be available for those who update their software after 30th July.

Spybot-S&D in Spanish

Now our loyal Spanish speaking users will be able to access all functions of our antimalware software in their native tongue. To change to the language settings within Spybot select ‘Advanced User Mode’, choose Settings/Language and select your language from the list. It is as easy as that!

Ransom and extortion is no longer reserved for sensational news and bad movies; cyber hackers are diving headfirst into this growing area of criminality. Hackers know you care dearly for your website, and they expect your protective instinct will translate into a quick payday.

Unwelcome News

Your website just went offline for 20 minutes. Few minutes later you see a strange message in your inbox that reads: “I have a DDoS army ready to attack. Pay $300 in 24 hours or I will crash your website again. Good day!” You hoped this day wouldn’t come. When you are operating a successful website, this is the last message you want to receive.

Unfortunately this type of message is more common than ever. Companies are being held against their will with ransom DDoS in this pattern. Hackers send a ‘warning shot’; just a couple Gbs of traffic to show you they mean business. Then the ransom note demanding your compliance or they will hit you even harder.

So how do you get out of this jam unscathed? Let’s examine recent ransom activity to see how you should respond to hacker threats.

DDoS is as easy as Pie

From the beginning of 2014 the cyber security industry has recorded some disconcerting trends regarding Distributed Denial of Service (DDoS) “ransom attacks”. To put this trend into numbers, according to security provider Incapsula, reports of DDoS ransom threats have increased from “one or two a week” to “once or twice every other day.”

But, to what do we owe this unwelcome surge in ransom DDoS threats occurrence?

Well, for one, this new trend is a result of technological improvements that made it easier (and cheaper) than ever to command DDoS botnets.

After all our infrastructures are constantly improving. Better networks also mean higher power attacks. These are dangerous tools for those who would misuse their potential.

Moreover, increased global Internet access also facilitates the evolution of botnet malware, as more and more underdeveloped and un-secured networks are added to the general pool.

Of course there are many reasons for this uptick. Yet, whatever those reasons are, the bottom line remains the same: today, DDoS attacks cost next to nothing to execute. And, with new and widely available “botnets for hire” services, they could be initiated by everyone, not only for ransom but also out of spite or sheer boredom.

Ransom DDoS – Modus Operandi

It’s interesting to note some of the common themes that appeared time and time again, in the latest ransom DDoS attacks.

Shifting the Attention

Oddly enough, many low-level hackers will tailor their message to their target as a thinly veiled threat from a rival company.

The point of this tactic could be to create a red herring in the target company’s ensuing investigation of the threat, but the more likely motivation is to instill a feeling of paranoia in the target.

Also, companies tend to make rash decisions (like pay an uncreative hacker) when they feel their enemies are bearing down on them.

Small Price to Pay

DDoS has become so easy, one can execute a DDoS attack for 20-30 USD at a time. This ease-of-use also drives down the average ransom price to a 300-700 USD. This is obviously just “pocket change” for many websites, and some would be inclined to pay up, but before they do they need to look at the bigger picture.

One issue with paying the initial ransom is the possibility of a second threat. After all, if the hacker knows that you’ll pay up, what is stopping them from coming at you again, with harsher demands?

Also, word of a vulnerable site that is susceptible to ransom DDoS demands gets around. Even if the first hacker honors his/hers word, what’s to stop someone else from trying to shake you down with another DDoS threat down the road?

Stingy Copywriting

Creative writing is not one of hacker’s strong suits. If you can believe it, the ransom email sent to Meetup was the exact same sent to a big Israeli website, and several others as well.

Hackers hiding behind the same block of text are likely trying throw off the scent in a counter investigation.

Who’s really behind these Ransom DDoS Attacks?

Considering the size of these attacks and the sloppy methods of execution – not to mention the pocket change ransom asks – these threats look like a work of so called “script kiddies” – amateurish hackers that use someone else’s tools to turn a quick profit.

This doesn’t mean that these “attention hackers” aren’t dangerous. Still, when you do get that ransom email, it helps to know what you are up against. After all, knowing is half of the battle.

In response to the latest techniques used by malware developers we have added new enhanced detection methods. This means better protection against the new wave of spyware, rootkits and viruses.

Scanning and cleaning is now much faster. We have ‘tweaked’ our scanning engine so it now scans faster and some cleaning tasks are now fully automated.

We have also made certain features of Spybot easier to access from the user interface at the request of our customers, many of whom gave us very useful feedback. There have also been many other functional improvements and enhancements.

For example:

Improved Startup Tools. These powerful tools now work with even the latest Windows Operating Systems.

SDScan now runs automatically with escalated privileges. This means no more annoying restarts and no need to run SDCleaner.

Furthermore we have added an exciting new ‘Notifications’ feature:

Spybot can now be configured to send the results of scans on your PC to your mobile device, server, chat or website. You no longer have to wait around while Spybot is doing a scan. As soon as your scan finishes a message will be sent to your chosen recipient and you will be informed of possible threats. This means you can react and make decisions on what action to take much faster.

The public beta test of the next release of Spybot +AV is now finished.

Many thanks to our many beta testers who gave a lot of constructive feedback to our team.
This is the reason, why we decided that this time the winners of the 7 Professional Edition Licenses are all those who left their email addresses.

There will be a final phase of bug fixes, tweaks and internal testing before the release candidate will be published. As there were no major bugs reported, this will not take very long.

The first public beta version of Spybot +AV 2.3 is ready for testing. Responding to requests from our users we have incorporated more than 100 usability and functionality improvements in this new version. These changes will continue to build on the reputation of Spybot +AV as your number one malware protection and security toolkit.

A notification sent from Spybot

One major new feature will be Notifications. Whether you are providing the technical support to family and friends or you are the administrator of your company’s network, this feature will allow you to keep informed of any security threats on the computers you look after.

Despite the already rigorous testing that the product has gone through, we recommend you use a virtual machine for testing. A 30 days trial license of the Spybot +AV 2.3 Professional Edition is included in this beta version (valid till 20th January 2014). When you have finished your testing we would appreciate your completing the survey. From the completed surveys we will select 7 users at random and send them a free one year Professional Edition license for Spybot +AV 2.3.

Please give us your feedback

Please report all bugs you encounter using our bug reporting form. In order to evaluate your feedback, please provide as much information as possible so that we can reproduce errors and bugs quickly.

Download links

Microsoft will soon be releasing version 8.1 of their Windows® operating system.

While testing Windows 8.1 for Spybot +AV compatibility, we encountered changes to the Windows® Security Center and some other security techniques that made an update to Spybot necessary.

Release 2.2 of Spybot will incorporate these modifications in order to ensure compatibility with Windows® 8.1. All other changes are minor, which means that you will not need to upgrade from Spybot 2.1 to 2.2 unless you are planning on switching to Windows® 8.1.

The second service release of Spybot 2.1 is now available. As well as background improvements we have also included updated language files and installation is now smoother. As a result of feedback from users we have also changed the default settings for Internet Protection to give better performance. The Start Center and the tray icon now give you more precise information about the status of options.

It’s that time of the year where you would like to spend your money on a six pack of coke, beer or iced tea and not on software licenses, so we decided to host another giveaway of Spybot Professional Edition licenses.

Just use our giveaway options below to like us on Facebook, follow us on Twitter or tweet about us to gain up to five entries in the giveaway.

Winners will be drawn next week and notified right away. You can read up our Terms and Conditions for more details.

Not only does Spybot +AV version have an award winning antivirus engine but it has many new features and enhancements:-

Click on image to enlarge

Virus scanning and removal (Home Edition and above): The inclusion of the anti-virus engine means that we can now offer live protection against viruses.

Selective removal. Choose only the malware you want to remove. You can view what is suspected to be malware on your system and decide if you want to keep it or remove it.

The anti-virus signature files are updated multiple times every day. This means real protection always.

Simplified view of update screen. Information is now displayed in a clear, understandable graphical format.

Enhanced GUI: We have simplified the view of many component parts to make it easier for our users to understand what is happening.

Multilingual support: We have now included French and Italian languages. The language can easily be changed from within the settings section in ‘Start Center’.

MRU (Most Recently Used) Scan: If you want to do a quick scan, you can tell Spybot to scan only the most recently used files.

Scan mode for usage tracks only: You can do a dedicated scan and remove only usage tracks.

Rootkit Scan: Rootkit scan has been improved.

Faster scan speeds: In the Home Edition and above the scan engine now supports ‘Multi-core’ processors.

Click on image to enlarge

Live Protection: Real time live protection can be turned on or off depending on users requirements.

Click on image to enlarge

Improved ‘Protected Repair Environment’: This exclusive feature is now easier to use as it has its own dedicated easy to use ‘Spybot Taskbar’. The PRE allows you to work in an independent environment that is free from malicious threats.

Updated Boot CD Creator: Integrated tool for creating a Boot CD to allow you to do a ‘clean boot’ of an infected system.

Extensive white list for system files: This is now shared among other Spybot components to further increase scanning speed. You are prompted to create white list in the Start Center on newly commissioned systems.

As part of our service to our users Safer-Networking has always provided a free, independent forum. This forum is maintained by volunteers and Safer-Networking staff.

We have now updated this forum to make it even easier to use. If you suspect that your system is infected, but your antivirus or antispyware software does not appear to detect anything, you might find the forum useful and informative.

The forum is constantly being updated with the latest information on threats, and you can also post any issues you might have for the attention of our team of analysts.

If you have not already used this valuable service, you will have to register to be able to post. The registration process is quick and easy, and don’t worry, we are the ‘Good Guys’, we will not release any of your details.

The release of Spybot +AV 2.1 in early May will mark a big change in the Spybot product. We will soon be offering a product that not only provides detection and removal of adware and spyware but also antivirus protection.

This is a very important milestone for us as we will be offering a product that provides complete protection against all types of malware. As well as the addition of an antivirus engine we are now also offering more frequent updates for better protection.

This product has been a long time in development and the recent release of Spybot 2 was the first step towards the launch of this new product.

You can now test and try a Beta-Version of Spybot +AV 2.1. Head over to our Beta Versions page for detailed information about this pre-release.

Our loyal users that have used and trusted our free version need not worry, we are still committed to providing our fully functioning free anti-spyware product. We will continue to develop this product and we are commited to continuing to make it available as a free download.

Customers who buy Spybot 2 from now on will be able to upgrade to Spybot 2 +AV free of charge when it is released.

Users who have already purchased any Spybot 2 product will be offered the option to upgrade to the new version when it is released.

Some of the improvements in this new version:-

Antivirus scan (Home Edition and above)

Enhanced GUI: a simple view has been added to many components and the number of dialogues has been reduced.

In our discussions with our users we realised at an early stage that they wanted a more modern user interface. We believe we have managed to create a new front end in our Start Center that has a clean look while proving easy access to many additional new features and tools.

The tools available are grouped in the ‘Start Center’ into three sections. Most of the ‘Basic Tools’ existing users will be familiar with but they have all been improved to increase speed and usability

The ‘Advanced Tools’ really start to let you get to the core of your system and are not for the faint hearted. ‘Settings’ gives you control of how Spybot 2 behaves and really allows you to tailor settings to get the maximum out of our software. Here you have control of everything from schedules to choosing how Spybot 2 interacts with other installed software. By tweaking the settings available scan speeds can be fine tuned. ‘Startup Tools’ give you access to various registry settings grouped logically. This is a tool for real experts and caution should be exercised when making changes. A ‘Secure Shredder’ is also provided which allows you to effectively delete files by making sure that all traces of data have been removed. This is very useful if you are worried about confidential documents falling into the wrong hands.

‘Advanced Tools’ also provide a ‘Rootkit Scan’ which can provide a Quick Scan of you system or a ‘Deep Scan’ which is of course more time consuming. There are also facilities here to check for updates and repairing broken system entries.

Some new tools grouped in the third section ‘Professional Tools’ are only included in the paid versions. With the ‘Professional Tools’ we are really getting into the realm of experienced user that understands exactly how difficult malware can protect itself from less advanced software. Here you will find a tool that allows you to create the popular Spybot 2 liveCD. With the liveCD you can do a ‘clean boot’ of a system and still gain access to registry hives. This is something that cannot be achieved with bootable CDs based on other operating systems. The ‘Protected Repair Environment’ which allows you to scan and clean without the interference of malware. For iPhone users there is also a useful tool provided for scanning ‘apps’.

The ‘Scripting Tool’ and ‘OpenSBI Editor’ found here are not the type of thing that would be used in the everyday detection and removal of malware but are of use in situation where an Administrator wants to provide more protection to users.

As with the previous versions we are still providing a fully functioning version for free download!

Spybot 2 is the next generation of our anti malware software and we are pleased to announce Release Candidate 3 is our last release candidate. We have fixed the last few bugs and further polished the user interface.

In Release Candidate 3 we now include our OpenSBI editor and a script editor for writing advanced malware removal scripts. These scripts are written using a Pascal dialect. With a Professional Edition license you can now also create a bootable CD using the included BootCDCreator.

Release Candidate 3 includes a free Professional Edition Evaluation License (valid for one month). By the way: you can order Spybot-S&D 2.0 Professional right now. As an early adopter you get a license that is good for 18 months instead of the usual 12 months, which equals a 50 percent plus!

Spybot-S&D 2.0 will be our next generation software to find and destroy Spyware, Trojan horses and other Malware on your computers. After the release of our first release candidate we fixed a lot of bugs and polished the user interface. So in Release Candidate 2 there are no new features and big changes compared to the last pre-release. Instead this version represents our efforts to stabilize the software further to deliver a rock-solid final version of Spybot-S&D 2.0 later this year.

Nevertheless this pre-release is still intended for testing purposes only. If you do not want to help with testing and by reporting bugs, please just continue using our tried-and-tested stable release Spybot-S&D 1.6.2.

After many months of hard work by our staff and volunteers our new look multilingual website is now live. Over the next few months with the help of our volunteers we hope to add all the additional languages we had on our old website.

We hope that you will find the new site easier to navigate and the information you require easier to find. We will also, soon, have our forum updated, our team is currently working on this.

This work is all in preparation for the imminent launch of our new product ‘Spybot 2′ – a faster and more efficient version of our tried and tested world leading anti-malware product.

We will continue to provide our software, support and forums free of charge to all our private users but in order to continue we do rely on the occasional generosity of you, our user. If you value our service maybe you might feel like making a small donation?

You may not notice any visual changes in Spybot Release Candidate 1 (RC1) if you compare it to the beta versions but there are a lot of improvements below the surface.

One thing you will notice is the new licensing scheme, but don’t worry we are still providing (and will continue to provide) a fully functioning free versionof Spybot – Search & Destroy. All essential features such as scanning, fixing and passive protection features such as the immunization will still be available. Of course shredding files is an essential part of the free version as well. The new Startup Tools will help you to browse through autostart entries and assist you taking a deeper look in your system. Separate scans for Rootkits or single file scans are also part of Spybot – Search & Destroy 2.0 Free Edition.

The new licensing scheme is to make distribution to our professional users easier for us. Some features, like support for networked environments, boot CD creation and more – features that the average user may not require, will be available to licensed users.

While Spybot 2 has not reached final state, we will of course provide a license for testing free of charge, registration will not be required. As always, users of the free edition won’t have to register even in the future. A few highlights of the release candidate are:

New Protected Repair Environment allows to run all Spybot – Search & Destroy tools in a separate and secure desktop

Full Scan runs faster through files in your download directory

Separate File Scanner can now handle huge folders

Fixed problems with Cleaner on reboot

Added Russian localisation

Included is a free Professional Edition Evaluation License (valid for 2 months)

If you decide you like the additional features in the licensed version and want to make a minimum donation of $10, forward your receipt (PayPal or WorldPay) to sales@safer-networking.ie with the words ‘Spybot Version 2 Request‘ in the subject line and we’ll generate and send you a Personal license when version 2 is released!

Welcome to the new website of Safer-Networking Ltd., the home of Spybot-Search & Destroy. This new site has been many months in development. Our aim was to make it easier for our valued users to identify the product that best suits their requirements whether it is our fully functional free version or our commercial editions.

As always Team Spybot is still the driving force behind our products and we will continue to dedicate our efforts to fight for your right to privacy when using the Internet.

Any comments you have regarding our website would be greatly appreciated. Our contact details can be found on our ‘Contact’ page.

In this Beta, as always, we have reacted to our users requests. As a result Beta 5 has important subsurface improvements:

We have revised the Uninstaller.

Memory consumption during scans has been optimized.

The detection criteria were improved and now detect more malicious files.

Extended logging is now easier to understand.

We have also added support for big fonts and made navigation without a mouse easier.

Once again we would like to thank those users who submitted bug reports.

Beta 5 features:

Start Center: New views have been added and links have been revised.

Refreshed the GUI: The navigation bar has been shortened.

The dialogs have been edited.

Files and Folder Scan detects even more malware (by extending the heuristic scope).

Files on any network resource can now be scanned (viz. UNC support).

The Rootkit scanner has been updated.

Memory consumption has been reduced.

Event logging has been updated.

The installer now prompts to uninstall a previously installed version of Spybot-S&D 2.0.

The uninstall procedure has been optimized.

Issues with Windows Security Center and Action Center integration have been fixed.

The “Jump to registry” mechanism has been optimized. The content of any detected item in your registry can now be easily checked.

Grouping has been added to SDUpdate.

Support for blind users has been improved.

Support for big fonts has been added.

Increased interoperability with 3rd party scanners.

Remember it is a beta and as such not a replacement for the stable version 1.6.2.

Known issues:

Tests on Windows 8 are not finished yet.

Previous betas were dedicated to getting feedback for ‘Live Protection’; this version does not have ‘Live Protection’ in order to get feedback on the other components independent of the ‘Live Protection’.

Since version 1.5 Spybot-S&D is kept up to date by the Updater, a separate tool. To start it, please click on Update in the navigation bar. If you want to, you can also click on the button Search for Updates – then the window showing additional update types (2.) is skipped and you start immediately with the server list (3.).

If you have clicked on Update a new window opens. There you can select two additional update types: beta and language updates. To go on, please click on Search.

Select a download location (the nearer to you the better) and click on Continue.

Select all available updates who are relevant for you (detection updates are already preselected). By clicking on Download you download them. Updates will be installed without any further action needed.

Never send a Microsoft Word document by email. They all store information you may not want others to see. This could be information about your computer to parts of the document you believed you had already deleted long ago. Think about it how embarrasing it would be if you edited the document called “Love letter to Donna.doc” and saved it as “Love letter to Nina.doc” and Nina had a closer look at the file and suddenly realised that she received the same letter you’ve already sent to Donna.

TANSTAAFL – There ain’t no such thing as a free lunch. If an email from an unknown person or a popup window offers you something for free, you can be sure there must be some snag. The “good guys” don’t use spam mails (unsolicitised email advertisement) or annoying ad popups. And there is no such thing as a free holiday trip coming from a popup that thousands of others see as well.

Don’t answer spam, not even to use the “unsubscribe” some spam mails offer. By answering, the people behind it know that your email address is a valid one, and you’ll get even more spam in the future. The best solution I’ve found so far is to use a tool like MailWasher to send back spam mails as undeliverable.

Don’t stick your passwords on PostIt notes around your screen, or under your keyboard. Don’t use the same passwords in multiple places. Don’t use your name or birthday or those of relatives as your password. Don’t give your password to anyone – not even your administrator needs to know it. I know you’ve heard and read this a lot of times before, but its important.

Set your browser to block third-party cookies. Nearly every browser allows this, and it will keep out all the tracking cookies without any need of additional blocking (and you don’t need third party cookies for anything useful). And if you use Internet Explorer, make sure your security settings are at least set to Average.

Even better, use an alternative to Internet Explorer and Outlook Express.

First, there was spam. Dozens of mails every day trying get you to order Viagra or watches at a fraction of the retail price. Then there were viruses, Worms that spread rapidly and arriving in their hundreds every day. Both were a real irritation, and both had to be dealt with.

What many good people did was to implement both spam and virus filters. In theory this was great but in practice things are never perfect.

But in fact, my inbox is now fuller than ever. You can guess why: half of the incoming mails are “Your mail has been rejected because it contains a virus” or “… because it has been classified as spam”. Why is this? Most of you know the tricks of the current mail worms: they spoof the senders address. Anti-virus programs identify these addresses as being ‘spoofed’ but instead of deleting the mail, the antivirus gateway will send a return mail stating a “Your mail has been deleted because of a virus” back to the alledged sender.

Now these “blocked because of…” mails are nearly as irritating as spam! People who are protecting themselves against spam are causing others to suffer!

Therefore I call to everyone using spam- and virus-filters: ask your administrator them to stop sending replies to these spam mails! Call your network admin, call Symantec and McAfee and Panda, call the company managing your virus-protected mail system.

And I ask all companies and anyone developing gateways that filter and bounce spam and infected emails; do the obvious! If you know a virus uses spoofed sender addresses, make sure your gateway does NOT send a reply to the alledged sender!

Anti-Malware

Obviously, you’ll find us positive about our own software for this purpose, Spybot – Search & Destroy, which should protect you well.

A very important advice when downloading any anti-malware application is to check the source of the file and the validity of the application twice. Do not use sponsored links on search engines for example – cheaters often try to sell inferior software “trials” labeled with the name of well known other products. Others are rogues that have only superficial functionality and might even install malware themselves to show they would detect something others are missing. A list of known fake or rogue applications can be found at Spyware Warrior.
Also, make sure the manufacturer of the solution you intend to install is a member of the ASC and does adhere to its standard (not all do, see below).

Anti-Virus

The classical area of protection that anyone knows about, initially centered on detecting files only, so we would still not recommend on depending on the malware protection from your AV (nor from that of your anti-malware – you’ll need both).

Standard precautions to avoid the classical viruses haven’t changed in a long time: do not open files you receive on disk or by email unless you scanned them with your antivirus application first. Do not open files a stranger sent you at all, nor files that seem to be coming from known persons, but are not accompanied with a personal letter (your friends machine might be infected and sending them out automatically). Verifying downloads by comparing their hash to one displayed on the website of the manufacturer is highly recommended (you can for example use our FileAlyzer product for that purpose).

Products we cannot recommend are:

Kaspersky Internet Security 2008/2009

McAfee InternetSecurity 2008/2009/2010

Trendmicro Internet Security 2008/2009/2010

Industry standards define software that impairs user control over material changes that affect their system security as potentially unwanted technologies, and these products force you to uninstall unconflicting competing software, thus lowering your computers level of security compared to other software. And should you really trust a company that’s putting marketing way over your security?

Firewall

At the moment, we cannot really recommend any firewall product. On the one hand, we’ve (at some point over a long time, not continuously) experienced problems with all of them we tested and would not feel comfortable e.g. recommending a firewall that kills the system. On the other hand, we do not really believe in those one-thing-for-all solutions, where firewalls include anti-virus and anti-spyware applications that are often not as well maintained as dedicated solutions and may conflict with other installed security software.

After much thought, we’ve decided that we simply could not find any third party software firewall we can currently recommend with a safe conscience. The Windows Firewall could be regarded as sufficient for sensible Internet users. We’ll update this part with better information when we come across it.

Spam Filters

If you’ve got an up to date version of your email application installed, it’ll already come with a sufficient spam filter. If you enable it and it doesn’t lead to good results immediately, you might have to “train” it for a few weeks by manually flagging spam emails. And the best protection against spam still is to deal sensitive with your personal data. Check twice or thrice where you leave your email address.

The fourth beta release of Spybot-S&D 2.0 is now ready! We would especially like to thank all users who have submitted bug reports and suggestions for Spybot-S&D 2.0 in recent weeks. Your efforts greatly helped to eliminate lots of bugs. Please keep up the good work and test our fourth public beta as well!

Beta 4 has much improved Live Protection and many bug fixes in different areas. We have also focused our efforts on testing Sypbot-S&D 2.0 for compatibility with third-party products in this release cycle.

The third beta release of Spybot-S&D 2.0 is now ready! After one more month of public beta testing many of the bugs that were reported have been fixed. We have also included your suggestions into this release.

Support Us

Spybot is maintained by a team of people very dedicated to privacy issues, many of which are working full-time on analysing masses of new threats each week, and the response time from our support team is better than that of many a commercial vendor. We would appreciate it if you would honour our efforts with a moderate donation.Donate